<?php
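// Vote endpoint: records one vote by the logged-in user for the car named in
// the carID query parameter, after a captcha check and several rate limits.
//
// NOTE(review): this is a state-changing action reached with GET parameters;
// the captcha is the only per-request proof visible here. The captcha value is
// also not invalidated after a successful check, so one solved code stays
// valid for as long as the session keeps it. Confirm whether the form issues
// a fresh code on every load before changing that.
session_start();
include_once "checkLogin.php";

$code = isset($_GET['code']) ? $_GET['code'] : '';
$expectedCode = (isset($_SESSION['authcode']) && is_scalar($_SESSION['authcode']))
    ? (string) $_SESSION['authcode']
    : '';
// Strict string comparison, and an empty/missing session code never matches:
// with the loose "!=" an unset authcode compared equal to an empty ?code=.
if (!is_string($code) || $expectedCode === '' || $expectedCode !== $code) {
    voteReject('验证码错误。');
}

// carID is attacker-controlled and reaches several SQL statements, so only a
// positive integer is accepted; everything below also binds it as a parameter.
$id = isset($_GET['carID'])
    ? filter_var($_GET['carID'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
    : false;
if ($id === false) {
    voteReject('投票失败');
}

// checkLogin.php is expected to have enforced a login (not visible here);
// fail closed if the id is missing rather than building SQL around nothing.
if (!isset($_SESSION['loggedID']) || !is_scalar($_SESSION['loggedID'])) {
    voteReject('投票失败');
}
// Bound as a string so the statements stay valid whatever type the login code stored.
$userId = (string) $_SESSION['loggedID'];

include_once "conn.php";

// NOTE(review): "today" is computed with PHP's timezone while FROM_UNIXTIME
// uses the MySQL session timezone — confirm both agree.
$today = date("Y-m-d");

// Limit 1: at most 5 votes per user, per car, per day.
$stmt = voteSelect(
    $conn,
    "SELECT 1 FROM vote WHERE userinfoID = ? AND carID = ? AND FROM_UNIXTIME(votetime, '%Y-%m-%d') = ?",
    'sis',
    array($userId, $id, $today)
);
if ($stmt === false) {
    voteReject('投票失败');
}
$votesForCarToday = mysqli_stmt_num_rows($stmt);
mysqli_stmt_close($stmt);
// ">=" instead of "==": the checks and the insert are not atomic, so a count
// that has already overshot the limit must still be refused.
if ($votesForCarToday >= 5) {
    voteReject('一人一天只能给同一辆车投5票。');
}

// Limit 2: at most 3 distinct cars per user per day (counting cars other than this one).
$stmt = voteSelect(
    $conn,
    "SELECT carID FROM vote where userinfoID = ? and FROM_UNIXTIME(votetime, '%Y-%m-%d') = ? and carId <> ? GROUP BY carID",
    'ssi',
    array($userId, $today, $id)
);
if ($stmt === false) {
    voteReject('投票失败');
}
$otherCarsToday = mysqli_stmt_num_rows($stmt);
mysqli_stmt_close($stmt);
if ($otherCarsToday >= 3) {
    voteReject('一人一天只能给最多三辆车投票。');
}

// Limit 3: at least 10 seconds between two votes of the same user.
$stmt = voteSelect(
    $conn,
    "select votetime from vote where userinfoid = ? order by id desc limit 0,1",
    's',
    array($userId)
);
if ($stmt === false) {
    voteReject('投票失败');
}
$lastVoteTime = null;
mysqli_stmt_bind_result($stmt, $lastVoteTime);
$hasVotedBefore = mysqli_stmt_fetch($stmt) === true;
mysqli_stmt_close($stmt);
if ($hasVotedBefore && time() - $lastVoteTime <= 10) {
    voteReject('两次投票必须至少间隔10s以上。');
}

// Limit 4: at most 5 votes per client IP per day.
// NOTE(review): getIp() in this file prefers the Client-IP and X-Forwarded-For
// request headers over REMOTE_ADDR; those are supplied by the client unless a
// trusted proxy overwrites them, so this limit is only as strong as that proxy setup.
$ip = getIp();
$stmt = voteSelect($conn, "select num,iptime from ip where ip = ?", 's', array($ip));
if ($stmt === false) {
    voteReject('投票失败');
}
$ipVotes = null;
$ipDay = null;
mysqli_stmt_bind_result($stmt, $ipVotes, $ipDay);
$ipKnown = mysqli_stmt_fetch($stmt) === true;
mysqli_stmt_close($stmt);

if ($ipKnown) {
    if ((string) $ipDay === $today) {
        // This IP already voted today: allow only while below 5.
        if ($ipVotes < 5) {
            voteExecute($conn, "update ip set num = num + 1 where ip = ?", 's', array($ip));
        } else {
            voteReject('当前IP地址今天投票已经超过5票，请明日再来。');
        }
    } else {
        // First vote of the day for this IP. The original statement had no
        // WHERE clause and therefore reset the counter of every row in the table.
        voteExecute($conn, "update ip set iptime = ?, num = 1 where ip = ?", 'ss', array($today, $ip));
    }
} else {
    // IP seen for the first time: create its counter row.
    voteExecute($conn, "insert into ip (ip,iptime,num) values (?,?,'1')", 'ss', array($ip, $today));
}

// Record the vote, then bump the car's total.
// NOTE(review): the two writes are not wrapped in a transaction, and the
// update reports success even when no car row matches the id.
$result1 = voteExecute(
    $conn,
    "insert into vote (userinfoID,carID,votetime) values (?,?,?)",
    'sii',
    array($userId, $id, time())
);
$result2 = voteExecute($conn, "update car set carnum = carnum + 1 where id = ?", 'i', array($id));

if ($result1 and $result2) {
    echo "<script>alert('投票成功');location.href='index.php';</script>";
} else {
    echo "<script>alert('投票失败');history.back();</script>";
}

/**
 * Shows an alert with the given message, sends the browser back and stops the script.
 *
 * Only called with fixed message literals from this file; the text is placed
 * inside a JavaScript string without escaping, so never pass request data.
 */
function voteReject($message)
{
    echo "<script>alert('" . $message . "');history.back();</script>";
    exit;
}

/**
 * Prepares, binds and executes a SELECT and buffers its result.
 *
 * Returns the statement (caller reads it and closes it) or false on failure.
 */
function voteSelect($conn, $sql, $types, array $params)
{
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, $types, ...$params);
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    // Buffer the rows so mysqli_stmt_num_rows() reports the real count.
    mysqli_stmt_store_result($stmt);
    return $stmt;
}

/**
 * Prepares, binds and executes a write statement; returns true on success.
 */
function voteExecute($conn, $sql, $types, array $params)
{
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, $types, ...$params);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
}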
/**
 * Returns the caller's address as a dotted string, or 'unknown'.
 *
 * The first non-empty value among HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR and
 * REMOTE_ADDR is used, and the first run of 7 to 15 digits/dots in it is
 * returned. The pattern does not validate octets and never matches a pure
 * IPv6 address, which therefore yields 'unknown'.
 *
 * NOTE(review): the two HTTP_* values come from request headers. Unless a
 * trusted reverse proxy sets or strips them, the client chooses the value,
 * so any limit keyed on this result should not be treated as strong.
 */
function getIp()
{
    $candidate = '';
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR') as $key) {
        if (!empty($_SERVER[$key])) {
            $candidate = $_SERVER[$key];
            break;
        }
    }

    $found = array();
    preg_match("/[\d\.]{7,15}/", $candidate, $found);

    if (isset($found[0])) {
        return $found[0];
    }
    return 'unknown';
}